P-D-C-A with a Christmas Tree

As a QMII employee, I can sit and observe classes whenever I want, more so since they are virtual instructor led these days. It allows me to get a refresher on the clauses, even though it is so hard to get them. It gets me every time. When the time comes to interview auditees, I smile like a Cheshire cat; not a confident grin but one that hopefully does not betray my nervousness.  Often, I am nervous as a long-tailed cat in a room full of rocking chairs. However, my QMII ISO lead auditor training has prepared me well. I am nervous as the auditee too, even though I know audits are not about pass or fail.  While I call myself a writer and researcher my greatest struggle perhaps lies with Audit Report writing. Oh, man! QMII lead auditor training, however, well prepared me to gather all notes during an audit to present a valuable report to the auditee. Smile.

The aspect of Lead Auditor training I like is the P-D-C-A cycle because I can use that analogy anywhere in my life. I have the responsibility of putting up the tree, however, currently, my application of the P-D-C-A is not going so well. Perhaps a re-plan is needed?

So from the Lead Auditor classes that I have attended, P-D-C-A stands for the following and the task next to it is what I have to do:-

P – Planning: We have to put the tree. Also, the objective of my mission. Considerations include where are the decorations kept, do we have enough, do we need a ladder, what should be the first step, then the next (like testing the lights before we put them on the tree), and more. Most important plan the time to do it in my busy schedule!

D – Do: Now to put my plan into action! Locate the boxes, get them out, unpack, and, get my team to help me even if they don’t want to (just to cheer me on perhaps). Yay! Thanks guys, for your help! Thumbs up for that. Basically, everything else that needs to be completed before the tree is finally up and lit up and everyone is happy. The DO stage can be extremely exhausting. How about that drink to cool me down?

Note – From my Lead Auditor training and also when I am auditing my clients, I know that the ‘DO’ section of the process is where a lot of the “action” happens. Just because “you gotta do it, man, get on with it!” I feel the pain of the “Do’s” as it is easy sometimes to plan but more taxing to put the plan into action. Now getting back to my tree.

C – Check: Once the tree is up and you think the job is over, it is not. You have to wait for the others to “check” the tree out and give their opinions. Pass comments, critique your effort while you are bickering away that they didn’t do anything, but they get to analyze it. What was that? Oh yes, I agree it is just an opportunity for improvement and we love our non-conformities.

A – Act: The verdict is out. The tree looks great. Beautiful decorations. However, the lights seem to flicker at some places, we need better lights for next time. Get more decorations. Good job!

VERDICT

Plan it better next time. Stop bickering when you are doing the job. Be patient and stop being

grumpy when they are “checking” and analyzing your work. Continually Improve this process till you get your Act together – words of a wise Yoda who is enjoying the view of the Christmas tree and listening to the Christmas songs.

Can I get that drink now? Long Island, please. Merry Christmas!

Is your organization ready for MDSAP?

Quality is important in all industries but perhaps more so in the medical industry and for those organizations producing medical devices. Apart from ISO 13485 that defines the requirement for medical device quality management systems, medical device manufacturers have to also comply with the regulations of the country their devices are going to be used within. In an effort to streamline the program for manufacturers the Medical Device Single Audit Program (MDSAP) was devised. The MDSAP program is an audit done of the company to the regulations of five participating countries. It is thus much longer than a regular ISO audit as it has to assess the system against multiple regulatory requirements.  

As your company prepares for this new audit scheme perhaps the easiest thing to do is a self-assessment. Use the MDSAP audit model guide to assess whether the company processes meet all the requirements. Conduct a gap assessment and then work to fill in the gaps including keeping records as needed by MDSAP. Just because an organization undergoes MDSAP does not mean that it will not have an ISO 13485 audit as these are two separate schemes. In the conduct of the assessment ensure that the person conducting it is competent to do so. This will avoid any last-minute surprises. Make note that the MDSAP model grades non-conformities differently and so use the same scoring scheme to know what are the priorities that need to be addressed immediately.  

Is the leadership prepared? Often in preparing an organization focuses on the lower echelons as also on the processes involved in the design and manufacturing processes. Ensure the leadership is briefed on the model guide and understands the expectations from them. As a part of each audit, the AO focuses on the management and assesses their commitment to the system. The leadership once committed will drive the rest of the organization to follow suit. This will make it easier for those implementing the system and assessing it internally.  

Make sure personnel are trained and understand well the expectations. QMII offers a variety of MDSAP offerings that are tailored to meet the requirements of the organization with training for each level of the organization. In addition, QMII also offers ISO 13485 lead auditor training. Organizations must recognize that participating in MDSAP will not exclude them from regulatory audits from other organizations. While the audit program may seem cumbersome at first there are benefits from participating in it that include reduced costs and a streamlined audit process.  

How will ISO 22301 Benefit you?

What is ISO 22301?

ISO 22301 is an international standard for Business Continuity Management Systems. This standard is designed to protect, prepare for, respond to, and recover from unexpected incidents when they arise. When your organization has a Business Continuity Management System, it is prepared to detect and prevent unforeseen threats.

ISO 22301 applies to all organizations no matter the size or industry. In 2012, when this standard was first developed, it was the world’s first international standard for implementing and maintaining effective business continuity plans, systems, and processes. It was revised in late 2019 to bring it up to date with current best practices and is based on the High-Level Structure (HLS).  Consequently, it aligns well with many other internationally recognized management system standards including ISO 9001 (quality management) and ISO 14001 (environmental management).

What are the benefits of being ISO 22301 certified?

There are many possible threats that organizations face including supply chain issues as we saw in the recent pandemic, or natural disasters such as earthquakes, floods, hurricanes, and tornadoes, and even cyber-attacks such as the recent news with the ransomware attacks on the oil and gas and food industries. These are major threats, but there are even other types of risks, such as the loss of skilled labor, power outages, and IT breakdowns that can cause disruption to a business.

How is a certification in ISO 22301 beneficial to an individual?

With a certificate in ISO 22301, you will be able to help your organization meet its business objectives and gain the necessary knowledge to manage a team in the implementation of this standard.

If your organization does not have a Business Continuity plan, then they may be at risk.  It is important to take these plans seriously or your business could suffer consequences. Some impacts of not having a plan include business failure, damaged reputation, loss of data and clients, and business interruption.

 What will students learn about ISO 22301 from QMII?

During ISO 22301 five-day training at QMII, students will understand how to respond effectively based on the procedures that apply before, during, and after an event. It is important for an organization to implement a Business Continuity plan because it shows that you are prepared for the unexpected. This assures that your business will continue to operate without any major impacts or losses. Our training enables you to develop the necessary expertise to perform a Business Continuity Management System (BCMS) audit by applying widely recognized audit principles, procedures, and techniques.

 

Implementing Safety Management Systems for Passenger Vessels

PV SMS White Paper – FinalExcerpt below is from White Paper by ‘Implementing Safety Management Systems for Passenger Vessels’ by Dr. Inderjit (IJ) Arora (QMII), Julius Desilva (QMII) and Captain Lee Boone (USCG, Retired). To continue reading the paper click on link in text.

INTRODUCTION

All too often, major accidents are the catalyst for change in the maritime industry. Evidence of this is seen in the development and implementation of maritime conventions and codes in existence today. The International Safety Management (ISM) Code, the result of such a catalyst, was meant to change this reactive nature. The ISM Code intended to promote a safety culture wherein risks are properly considered, work is effectively planned, personal accountability is enhanced, and operations are continually improved.

Unfortunately, this target was missed in many cases and a pervasive by-product called compliance culture set in, wherein the system achieves the minimum and only to satisfy regulators. The maritime industry and regulators learned much from this experience. We know now that if the true value of safety management systems (SMS) is not realized, further implementation efforts become self-defeating. This leads to even more than normal resistance from many who have seen colleagues, shipmates and competitors negatively impacted. A carefully planned implementation strategy expanding the use of safety management systems (SMS) to domestic passenger vessels should therefore be executed to avoid these pitfalls. As Safety Management Systems for domestic passenger vessels are intended in the same way as those for SOLAS1 vessels, we must apply lessons that have been learned from similar regulatory efforts.

In this paper, recommendations are made for implementing SMSs for domestic passenger vessels (PV) based on the concepts of incentives, scalability, and collective use of resources. When implemented in the right way and for the right reasons, the value that SMSs offer passenger vessel owner/operators is maximized, while the cost of implementation is minimized.

BACKGROUND – RESISTANCE TO CHANGE

Looking at the data from the 1980’s to date, one would expect to see a decline in marine casualties starting in 1998 when the ISM code’s first compliance deadline came into effect. Initially the data shows a downward trend for a few years and then a spike starting in 2001. Those resisting change brought about by the ISM code would argue that the code had not delivered any improvements. However, the upward trend peaked in 2008 and has since seen a decline.

When a new management system is put in place, irrespective of industry, the first sign of success albeit non-intuitive, is a spike in accidents, incidents and hazardous occurrences. This leading indicator should be accepted as a positive as it demonstrates that the personnel within the system have started reporting non-conformities that went unreported before. This reporting enables corrective action to be taken in a systematic manner to prevent a similar non-conformity from occurring again.

To continue reading click here.

ISO 14001 – Environmental Management System Auditing

With the HLS (high-level structure) common to all standards ensuring the ten-clause structure an organization can ensure the best results to its management system by having an integrated management system. A divided approach to managing an organization based on several standards can often result in environmental and quality policy being in conflict. If occupational health and safety (ISO 45001) are also to be integrated, it enables the management to consider the risks in the combined context of the organization. When these are separated the combined risks can be mixed. Further, if security is to be also part of the management system (ISO 28000 – still not in the HLS format), integrating the system would ensure a functional management system.

Environmental management system based on ISO 14001, has integral it the consideration of aspects, their impacts, recognition of significant impacts, and prioritization of the same. Experience shows that implementing ISO 14001 is easier and simpler and more readily accepted by the employees when the organization already has a functioning Quality Management System (QMS) based on ISO 9001 in place.

A well-implemented EMS, EMS ensures cost savings by recycling, reduction in consumption, and cost savings in waste. This gives tremendous advantages over competitors for projecting the organization as a responsible company but when tendering for business. Managing risks is more comprehensive, as the leadership is able to see combined risks to the organization in quality, safety, occupational health, and security. The demonstration of commitment to improving the environment in a socially responsible manner is more systematically implemented by interpreting the ISO 14001.

Auditing the integrated management system, if that be the choice (recommended), or just the EMS based on ISO 14001 requires the auditors to first interpret the standard based on company policy, the organization’s goals based on consideration including expectations of the interested parties and the external and internal issues aligned to statutory requirements. Auditors, particularly internal auditors must ensure the interpretations of ISO 14001 are aligned per guidelines for the industry. ISO 14001 certification can improve an organization’s reputation and result in improved relationships to the mutual benefit of stakeholders and the organization.

Auditors must not forget that internal auditing is not to judge the legal compliance of the processes. Legal compliance is a requirement and is best judged by compliance auditors. Internal auditors audit to see that the organization has the processes to ensure compliance. Internal auditors look at the plans of the organization to ensure processes monitor environmental aspects and mitigate as required, systematically address them.

QMII (www.qmii.com) has for 30 plus years integrated management systems and training lead auditors for various standards including ISO 14001. With our vast consulting experience in ISO 14001, we reinvest our field experience into the content development of our courses. The real-world experiences back our instructors and training material in ensuring auditors understand ISO 14001.

A good internal audit process, for any standard, particularly the ISO 14001, should start with a good plan. Good QMII training ensures, auditors prioritize audits, and allocation of time-based on risks, previous results, the importance of the process. The audit cycle is often one year (can vary), and so depending on the environmental importance of the process and past performance-critical environmental aspects can be audited.

Effectiveness of the ISM Code

The ISM (International Safety Management) Code, in itself, is not a magic wand, that will bring safety or prevent pollution. It depends on the organization on how it implements the Code. Safe operation of ships and the prevention of pollution should have been any organization’s objective. Yet all over the world owners to save money compromise these objectives. Did not the Titanic on April 15, 1912, sink, trying to create a record of crossing the Atlantic, by going North to cut distance, run into the iceberg?

The sinking of the Titanic, with a loss of nearly 1500 passengers and the crew was an eye-opener. It led to the SOLAS (Safety of Life at Sea) convention. Did the negligence and continued operation of ships compromising safety stop with SOLAS? Sadly not. The investigation by Justice Sheen into the sinking of the Herald of Free Enterprise, on March 6, 1987, looked at why SOLAS had not helped prevent the tragedy. It brought out the necessity for a process-based management system, and the SOLAS Chapter IX was updated to authorize the ISM Code. It provides the guidelines for the implementation of a system to ensure the safety of vessels at sea.

The Flag State Administrations whose flag the ships sail under, legitimize the use of the code making it mandatory for internationally trading vessels. If any company is bent upon not implementing it in the spirit of it, then of course the objectives of the code as also the functional requirements will not be met. Owners and Operators of the vessels often look to short term gains wherein they compromise the standards and bypass the rules. They have to understand that behind every casualty at sea are many detentions and behind them indicators like Major NCs (non-conformities) and near misses.

The Flag States who do not strictly inspect and audit vessels to the ISM Code and issue SMC (safety management certificates), are actually, to retain the business of ship owners, jeopardizing the same ships! Even some responsible Flag States, due to shortage of manpower outsource their duties to ROs (recognized organizations), often represented by class societies. This results in diluted control, as an outsourced process needs strict monitoring of the process to ensure the performance is not affected. Not managing an outsourced process is as good as not taking responsibility. Authority can be delegated, bot the responsibility.

NCs (non-conformities) drive correction and CA (corrective action), and as such should be welcome as inputs to ensure continual improvement of the system based on the ISM Code. Yet, there are every day common examples of Masters of ships negotiating to somehow get the auditors to not give NCs. This is because the management ashore is not mature to realize, that keeping the master’s pressurized and performance being judged by NCs reported is creating an environment of fear and hiding of NCs. A good SMS (safety management system) based on the ISM Code, if correctly implemented should welcome NCs. The DP (designated person) should know that the “only bad NC, is the one which the organization does not know about.”

For domestic vessels, and for that matter towing and small vessels, and perhaps in due course of time for domestic passenger vessels, one would think a new standard would be required? Sub Chapter M for the towing industry in the USA, is nothing else but the ISM Code domesticated. The ISM Code is a useful well thought of document which provides strong fundamentals based on hundreds of years of sea experience, loss of life, cargoes, ships, and fortunes. The process-based management system it propagates would systematize operations. However, for an effective management system, the implementers have to be motivated and committed. The Flag States have to be strict and vigilant in their issue of certificates. When they outsource the certification to Ros, they must not wash their hands of their responsibility. The strict monitoring of the ROs by ensuring good clear concise MOUs (memorandums of understanding) with clear provisions to audit the ROs must be put in place. The owners and operators through their organization should put in place a robust internal auditing program that gives the objective inputs on the implementation of the ISM Code.

– by Dr. IJ Arora

Eight steps for a successful internal audit program

Internal audit programs play an important role in ensuring the success of the system. ISO standards such as ISO 9001, ISO 14001,  ISO 45001 provide the framework for management systems to function using a process-based approach, to achieve customer and other stakeholder’s requirements. Organizations certified to ISO standards, strive to be compliant, efficient and remain certified. Successful systems have Top Management (TM) / Leadership that are committed to and engaged with the system. They ensure regular internal audits and conduct management reviews (MR) to assess the continuing suitability, adequacy and effectiveness of the system. They further ensure that their decision-making process uses the inputs from the MR to ensure objective resourcing and support for efficiency.

External third-party audits too add value to this system, provided the auditors remain objective throughout the audit. Over the years QMII has come across instances where Non-Conformities (NC) were issued without the requirement being clearly stated or the evidence did not substantiate the requirement not met. However, these NCs are rarely challenged by organizations for “fear” of upsetting the auditors. Changes are further implemented to the system as a part of corrective action based on these findings. At times when the management is disconnected from the working system they often are surprised by the NCs presented at the closing meeting.

Is there, as a result, a case for preparing the organization for both internal audits and external audits? In well-functioning systems the organization should never have to prepare for an internal audit. The systems are designed to drive success and not for auditors or to get through audits without any NCs. NCs are, after all, an opportunity for continual improvement of the system and should be embraced, provided they are objective and not subjective to an auditor’s experience or opinion. An organization can and must respect a good NC and use it to drive correction and corrective action (CA). After all CA is NC driven. The organization/ auditee should be happy to receive a NC for risk(s) not appreciated.

I do however think that there are steps organization can take to build employee confidence in the  system, including the confidence to challenge the auditor when a NC is not clear or incorrectly given. Here are eight steps an organization can do to have its employees get that confidence for internal audit and subsequently for external audits:

  1. Conduct orientation on the process-based management system (PBMS) approach in general, and introduction to the highlights of the specific standard (e.g. ISO 9001:2015). This ensures that the basics of system approach and the internal management system are clear to all personnel.
  2. All TM must do a short training to be aware of the ISO standard, the main clauses and the benefits of the management system. This awareness leaders workshop (ALW) brings the confidence in the system, its implementation and continual improvement. This leadership awareness further encourages engagement of all personnel to use the system and increases buy-in.
  3. On regular basis, in day to day work and meetings refer to the management system. Ensure Quality, environment, safety, security, social responsibility, compliance are topics of discussion at periodic intervals. Even the middle and lower management e.g. supervisors should be encouraged to use the  system and engage others to do so. Management may have to support others in their roles of leadership at relevant levels.
  4. More than just following processes, all personnel must feel free and confident to challenge the process, make suggestions, raise NCs and submit innovative ideas. A participatory approach to system implementation is very cost effective. Let employees voice their concerns. Once they confident of their process and their system (with the fundamentals of the ISO Standard/other requirements built-in) the fear of audits will reduce.
  5. Put in place an aggressive internal audit program. When an outside (third party) auditor raises a NC, the organization does RCA (Root Cause Analysis) of the NC, but rarely does it challenge its Internal system and ask how the internal audit program missed the NC raised by the third party? Internal audits must be objective and strict and must raise all NCs.
  6. NCs must be tracked diligently and addressed within the time frame the organization has set for itself. TMs must stay involved by asking on the progress to the CA process. Overdue NCs must be investigated and TM must ask during the MR why the concerned department did not address it in time. Encourage PSW (Problem Solving Workshops) so teams can look at complex, inter-departmental NCs. Encourage use of tools as Causal Analysis and FMEA (Failure Mode Effect and Analysis).
  7. Creating a lesson learned data base has many advantages. It acts as a historic record for new joiners to learn of past occurrences. Additionally, it has great participatory value connecting each future task as a driver of improvement based on the past. The collective intelligence of the organization is available to the organization and does not vanish when individuals leave the organization.
  8. Some additional points for ISO 9001/ ISO 45001/AS9100 audit preparation:
  • Answer audit questions to the point. Do not volunteer information not sought.
  • Do not be reluctant to ask for your manager/ supervisor to support you if you are not clear on the question.
  • Have the confidence in your professionalism to ask the auditor for the requirement based on which the auditor is planning to raise a NC.
  • Be aware of risks associated with their process and actions taken to address them.
  • Explain the risks in the context of the organization and the context of what the employee does to them.

Aspects and Impacts: Let’s start here

Every organization needs to consider the aspects of their organization, and the impacts they have on the planet.  Understanding the impacts is critical to the sustainability of the organization, and in the long run, the planet.

Most organizations only consider the impacts of their processes in relation to waste created and materials used.  While these are important, an organization should consider all aspects of their operation and processes before they start a business.  This includes the facilities, people, materials and other elements of their operations.  Once operational, they need to continually evaluate all process to look for improvement.

Many aspects are considered by organizations in order to borrow money to launch a product or service.  This is a good place to start.  Clearly understanding the impacts the organization will have on the local environment and community is a good step toward launching a sustainable business.  Lenders, both private and public, will be more generous lending if they know the organization is considering all three pillars of sustainability; social, environmental and economic.

Generally speaking, recycling an existing structure to a new operational use has less impact than building a new facility.  Applying building technics recommended under Leadership in Environmental and Energy Design (LEED) and Energy Star, will also reduce environmental impacts, and improve the operational economics.  If new structures are required, considering the site location, building facing direction and proximity to water, public transportation, and workers, will also help the organization conform to LEED and other building Standards.  Local communities will be much more accepting of an organization operating in their community if the proper design considerations are considered before construction is begun.

Once operational, every group in an organization needs to evaluate their processes on a regular basis to determine what improvements can be made to the aspects of the organization, and the impacts of there processes.  Management is accountable for the operation of the organization, but every department needs to be responsible for their processes.  This is not just the manufacturing or production departments, but also sales, marketing, receiving, packaging, shipping and customer services.  Organizations are also responsible for the performance of their products and/or services, and often the potential recycling of products. 

The International Organization for Standardization (ISO) has established Standards that can be used by an organization to help improve their management system processes and reduce risks.  ISO 14001:2015 Environmental Management Systems and ISO 9001:2015 Quality Management Systems can be used separately, or together, to provide guidance in improving an organization’s operations.  Lenders and communities appreciate the value of a well-run organization that understands the aspects of their operations and addresses the impacts.

What is ISO 14001 Lifecycle Perspective?

ISO 14001 Lead Auditor training introduces students to the ISO 14001 standard and its interpretation as well as the skills needed to assess the effectiveness of the environmental management system. ISO 14001 in its 2015 revision introduces the lifecycle perspective. In essence, the standard asks organizations to use a lifecycle perspective when designing/manufacturing their products/services. This means that instead of a cradle to grave concept organizations need to think of a cradle to cradle concept.

Cradle to Grave

ISO 9001 ‘Requirements for Quality Management Systems’ ushered in a new era of process-based management systems that could be used to improve the quality of products/services being delivered to customers as well as when well implemented to increase efficiency and productivity. However, as productivity, efficiency and quality were being improved; the by-products of the system were not addressed. During the 1980s there were some regional efforts to address the impact of organizations on the environment and ISO 14001 was ISO’s effort to lay down the requirements for a management system that addressed the aspects and their associated impacts. Organizations were expected to take action on these impacts to reduce them. Auditors undergoing ISO 14001 Lead Auditor training were now ready to assess the effectiveness of these systems.

In its initial publication and subsequent revision in 2004 ISO 14001 asks organizations to take a ‘cradle to grave’ approach to managing their impacts on the environment. This meant reducing the immediate impact on the environment. However, with time we learned that this does not address the growing landfill issues being faced by countries globally. To address this issue as well as to align with international efforts to address climate change, rapid depletion of the planet resources and encourage sustainable operations the ISO 14001 standard introduced the concept of ‘cradle to cradle’ in its 2015 revision.

Cradle to Cradle

ISO 14001 defined lifecycle as “consecutive and interlinked stages of a product (or service) system, from the raw material acquisition or generation from natural resources to final disposal.” Life cycle stages can include the acquisition of raw materials, design, production, transportation/delivery, use, end-of-life treatment, and final disposal. A great example of a lifecycle perspective in manufacturing is the recycling of Lead-Acid Car Batteries. Nearly 99% of these batteries are recycled/reused. Major battery manufacturers have programs in place to encourage the recycling of car batteries.

While ISO 14001 does not call for a formal life cycle assessment ISO 14044 provides the guidelines for a life cycle assessment should an organization wish to do so. In determining the end of life disposal organizations may choose products that are recyclable, sustainable and even perhaps biodegradable. ISO 14001 lead auditor training provided by QMII, highlights the concepts of a lifecycle perspective and how to incorporate it into your environmental management system.

Conclusion

ISO 14001 Lead Auditor training enables participants to go back and implement environmental management systems that will benefit their organization, the environment, and stakeholders. It also enables participants to conduct value-adding audits of their systems. The intent of the audit is to identify opportunities for improvement. With the skills, ISO 14001 Lead Auditor training by QMII and the knowledge of a life cycle perspective participants are ready to hit the ground running in implementing and auditing environmental management systems.

 

Stop the Firefighting: Use Effective Root Cause Analysis

Root Cause Analysis (RCA) or Causal Analysis when applied correctly should help to prevent the recurrence and occurrence of similar issues within the organization. Why then is such little time, money and or effort afforded to it?

Heroes save the day! Yet again! How often have we come across news articles that laud those who manage the crisis, stop the plane from crashing or save the patient. The reality in any casualty is that, a system failure has resulted in a non-conforming product/service, including failed inspection. Organizations should laud and appreciate those who prevent incidents/ accidents/non-conformities and those who perform effective root cause analysis. Those who recognize near misses and perform CA  should receive equivalent if not more praise.

The root cause of many diseases is lack of a healthy lifestyle. Presumably, annual medical check-ups would show the flaws and enable risk appreciation to prevent a disease or illness from manifesting itself. This data however may not be enough to provide an accurate diagnosis or prevent a serious medical condition. Perhaps some may see the regular check-ups as a waste of money and time! This may help to explain why companies are reluctant to do root cause analysis when non-conformities arise. Their instincts are to do the firefighting when something goes wrong. This basic firefighting often appears to be less expensive, quick and seemingly more convenient. However, as has been proved again and again in various fields (quality, safety, security, etc.) prevention is better and more cost effective than the cure.

Why Problems Persist?

There are many methodologies for root cause analysis (RCA). It is not the intent of this article to educate its readers on the various RCA methodologies. Before we delve into why problem persists let us considers why problems occur. Problems usually occur because of the lack of a functional well implemented management system. This includes the lack of management commitment, timely identification of risks and lack of controls/adequate resources for the processes. Despite repeated warnings from their doctor, patients choose to continue living their current lifestyle. During incident investigation interviews this comment is often heard ‘this is the way we always did it’. Humans are not always accepting of changes and ‘if it ain’t broke then why fix it?’ Management of change is never easy. The larger the organization the more difficult it is to enable the change. Often in management systems, problems are ‘fixed’. This makes the issue go away albeit temporarily. Everyone likes a good score card and ‘fixing’ the issue makes everything look good again. However, when the root cause(s) are not addressed this dragon will raise its ugly head again.

When root cause analysis points toward leadership or top management, the job security aspects may prevent the middle managers from completing the RCA process. This political limitation, to avoid exposing process issues within the ranks of leadership are counterproductive, and yet a reality. As preposterous as it may sound, in some cases leadership may opt for paying the fine when things go wrong and then proceeding as is. This is seen as the ‘less expensive’ option than resourcing actions to prevent the recurrence/occurrence of problems. Conflicts of interest in the workplace, can often be a reason for a lack of effective root cause analysis.

Stopping the Firefighting.

With all due respect to firefighters and other emergency personnel, organizations want to solve the problem, so they do not have to call them back! This means getting to the root cause(s) of the incident. Very often when identifying the root cause(s), the work group or practitioners often stop short of finding the actual “root cause.” These may be the immediate direct or indirect causes. The root case may lie in another part of the organization and often gets missed. Root Cause Analysis when done correctly drives systemic changes to prevent similar issues from cropping up again. As with everything else the RCA team needs the backing of the leadership including the needed resources to be effective.

In conducting effective root cause analysis, the inputs of customers and other stakeholders may be needed. For effective root cause analysis is of interest to all organizations that are integral to the successful implementation of a management system. The element of social responsibility in the defined duties of leadership need to be audited and have consequences when customer focus is lost. The new root cause analysis model should have an element of responsibility attributable to the top management. The intent, not to encourage a blame culture, but a responsibility culture. As a part of QMII’s management system implementation we train selected candidates as a problem-solving team to enable and empower continued success of the system. To sit in the fire house and focus on other initiatives such as innovation, social responsibility etc. an organization has to proactive rather than be responsive.

Conclusion

Leadership often questions why money spent on management systems, particularly when based on ISO Standards do not work? Why a conforming product or service is not constantly delivered by an organization? Mature organizations recognize that the only bad nonconformity (NC) is the one that they do not know about. Once the NC is identified, the system must drive Correction and CA (corrective action, based on RCA). Closed NCs added to the database, along with the proper analysis of the information, will allow system users to appreciate risks and trends to identify the opportunities for improvement (OFI). However, all this will fail if the MS (management system) users do not understand the value of RCA.

For the success of a Management System, its outputs based on inputs must deliver conforming products and services.  When the Management System does not achieve this, all stakeholders should be interested in the root cause analysis and corrective action.